UK firms still too lax on confidential data disposal, research finds

Almost a fifth of UK organisations have been victims of serious data fraud, as new research is released revealing worrying gaps in confidential data disposal.

The study, carried out on behalf of the British Security Industry Association's (BSIA) information destruction section, has found that despite widely reported risks of data breaches and identity fraud, there remain serious gaps in how data disposal is handled by both public and private sector firms.

Significantly, the research showed that nearly 19% of organisations have been a victim of serious data fraud. Where such data breaches occurred, it was noted by the respondents that half of these involved paper and the rest were related to computer hard-drives.

In terms of how respondents viewed the threat posed by the loss of confidential information to their organisations, 79% felt that, over the past 12 months, the danger had either increased or remained the same. In addition only half of the organisations questioned used a professional company to oversee the destruction of their confidential data.

The survey also sought to discover who within each organisation was responsible for compliance with measures such as the Data Protection Act. In nearly 38% of cases it was the IT manager who took the lead, followed by the managing director (19%) and the facilities manager (16%).

BSIA information destruction section chair Russell Harris said: "For information destruction, paper has to remain a key focus as, without the right management systems in place, it can so easily be discarded with less sensitive waste, leaving it open for use by criminal elements."